File Upload Vulnerability in e107 CMS by e107
CVE-2022-50916

8.7HIGH

Key Information:

Vendor: E107
Status: E107 Cms
Vendor: CVE Published:; 13 January 2026

Badges

👾 Exploit Exists

What is CVE-2022-50916?

e107 CMS version 3.2.1 has a security flaw that allows authenticated administrators to exploit the Media Manager's file upload functionality. By manipulating the upload URL parameter, attackers can override existing files, including potentially critical files within the web application directory. This vulnerability poses a significant risk to the integrity of the system, making it essential for administrators to apply the latest security updates and implement additional safeguards to prevent unauthorized file manipulation.

Affected Version(s)

e107 CMS 3.2.1

References

https://www.exploit-db.com/exploits/50910

exploit

https://e107.org/

product

https://e107.org/download

product

CVSS V4

Score:

8.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Jan 13, 2026
👾
Exploit known to exist
Jan 13, 2026
Vulnerability published
Jan 13, 2026
Vulnerability Reserved
Jan 11, 2026

Credit

Hubert Wojciechowski

CVE-2022-50916 Data

JSON

E107

Badges

What is CVE-2022-50916?

Affected Version(s)

References

CVSS V4

Timeline

Credit